On Mon, Oct 21, 2013 at 08:02:33PM +0300, Maksim Kulik wrote:
> Postfix version - postfix-2.10.1,1
Probably immaterial. In Postfix 2.11-20131001 you can disable SSL
compression, which seems to be broken below. Sure seems like a
buggy OpenSSL or zlib.
> Openssl version - openssl-1.0.1_8
When was it last updated? When did the problem start?
> FreeBSD version - FreeBSD 9.2-STABLE #1 r256306:
When was it last updated? When did the problem start?
> Log and backtrace:
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> Attaching to program: /usr/local/libexec/postfix/smtp, process 71657
> Reading symbols from /usr/local/lib/libssl.so.8...done.
> Loaded symbols for /usr/local/lib/libssl.so.8
> Reading symbols from /usr/local/lib/libcrypto.so.8...done.
> Loaded symbols for /usr/local/lib/libcrypto.so.8
Is this the default SSL library for the OS? (/usr/local/lib rather
than /usr/lib or /lib)?
> Reading symbols from /usr/local/lib/mysql/libmysqlclient.so.18...done.
> Loaded symbols for /usr/local/lib/mysql/libmysqlclient.so.18
Is it building with mysql that adds /usr/local/lib to the linker
search path?
> Reading symbols from /lib/libz.so.6...done.
> Loaded symbols for /lib/libz.so.6
When was it last updated? When did the problem start?
> (gdb) Continuing.
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x000000080195a812 in deflateSetDictionary () from /lib/libz.so.6
> (gdb) #0 0x000000080195a812 in deflateSetDictionary () from /lib/libz.so.6
> #1 0x000000080195cc75 in deflateCopy () from /lib/libz.so.6
> #2 0x000000080195bb6e in deflate () from /lib/libz.so.6
This is the boundary between Zlib code and OpenSSL code.
> #3 0x0000000800ecd4ce in zlib_stateful_compress_block (
> ctx=<value optimized out>, out=0x803276008 "x\234", olen=17408,
> in=0x803225000 "\024", ilen=16) at c_zlib.c:207
> #4 0x0000000800ecc732 in COMP_compress_block (ctx=0x803017c40,
> out=<value optimized out>, olen=<value optimized out>,
> in=<value optimized out>, ilen=16) at comp_lib.c:46
> #5 0x0000000800b2a3ce in ssl3_do_compress (ssl=<value optimized out>)
> at s3_pkt.c:564
> #6 0x0000000800b2a594 in do_ssl3_write (s=0x803008000, type=22,
> buf=0x803225000 "\024", len=16, create_empty_fragment=0) at s3_pkt.c:790
> #7 0x0000000800b2ab75 in ssl3_write_bytes (s=0x803008000, type=22,
> buf_=0x803225000, len=<value optimized out>) at s3_pkt.c:609
> #8 0x0000000800b2ca5d in ssl3_do_write (s=0x803008000, type=22)
> at s3_both.c:132
> #9 0x0000000800b26689 in ssl3_connect (s=0x803008000) at s3_clnt.c:508
This is the boundary between OpenSSL code and Postfix code.
> #10 0x0000000000415838 in tls_bio (fd=16, timeout=300,
> TLScontext=0x80301bb50, hsfunc=0x4059b4 <SSL_connect@plt>, rfunc=0,
> wfunc=0, buf=0x0, num=0) at tls_bio_ops.c:198
> #11 0x0000000000414ccf in tls_client_start (props=0x7fffffffc930)
> at tls_client.c:952
> #12 0x00000000004092af in smtp_start_tls (state=0x80301b550)
> at smtp_proto.c:791
> #13 0x0000000000408f2d in smtp_helo (state=0x80301b550) at smtp_proto.c:678
> #14 0x0000000000407d1f in smtp_connect_inet (state=0x80301b550,
> nexthop=0x8030347b0 "ngs.ru", def_service=0x45d616 "smtp")
> at smtp_connect.c:908
> #15 0x00000000004080df in smtp_connect (state=0x80301b550)
> at smtp_connect.c:1063
> #16 0x0000000000405e41 in deliver_message (service=0x7fffffffdef0 "smtp",
> request=0x803078510) at smtp.c:925
> #17 0x0000000000405eb7 in smtp_service (client_stream=0x803021a90,
> service=0x7fffffffdef0 "smtp", argv=0x7fffffffdd40) at smtp.c:957
> #18 0x000000000041227a in single_server_wakeup (fd=14, attr=0x0)
> at single_server.c:278
> #19 0x0000000000412407 in single_server_accept_local (unused_event=1,
> context=0x6 <Error reading address 0x6: Bad address>)
> at single_server.c:324
> #20 0x000000000044578f in event_loop (delay=-1) at events.c:1182
> #21 0x0000000000413611 in single_server_main (argc=7, argv=0x7fffffffdd08,
> service=0x405e60 <smtp_service>) at single_server.c:772
> #22 0x0000000000406516 in main (argc=) at smtp.c:1202
> (gdb)
Sure looks like either OpenSSL or zlib is broken. Perhaps related to:
http://jabber.996255.n3.nabble.com/cores-on-freebsd-9-stable-td28747.html
> Tried also posttls-finger from postfix 2.11. Program exited normally.
Which OpenSSL did this link with? Report the output of:
ldd bin/posttls-finger
--
Viktor.
